Hi, I was hit with it. After about 10 minutes turned the wifi off, and got to changing passwords from an uninfected machine. 3 Days later, all my passwords are changed, set up MFA on the most important sites, and even got a new debit card.
So far, no attempts to log into any of my accounts were made, no messages were sent, all clear. I think I prevented them from gaining access to anything.
Now I need help with some specific things, mainly backing up some important files on an external drive. I know it's unlikely, but I want to make sure the external drive is safe and could not reinfect a fresh install of Windows. This is due to a mishap that took place briefly.
Like I said, I turned the wifi off asap, but unfortunately didn't notice Windows has a setting that turns wifi back on after 4 hours. In the middle of changing all my passwords I noticed the wifi turned back on, and had probably been on for 10-15 minutes. By then, I had already hooked up an external SSD to the infected machine to backup some important folders (mainly images, videos and clip studio files), and had kept it plugged in. As soon as I noticed, I turned the wifi back off and reset my passwords a second time.
Is it possible at all that the attacker could've caught wind of the situation & done anything to infect the external drive?
Is there a way I could scan the drive to make sure it poses no threat and could be used to move old files to a new Windows installation?
I'm also currently preparing to format the infected machine and reinstall Windows from a USB, and I would like to know if there are reliable ways to check if the machine is completely clean even after reinstalling Windows, just to make sure.
Ty all